The transmission of encrypted data or of conditional access content is well-known in the field of Pay-TV, where encrypted content is generally broadcast by terrestrial transmitters, via satellite or via a cable network to a number of subscribers, each subscriber having a multimedia unit, associated with or containing a security module to decrypt the encrypted content for its visualization.
The security module is in charge of the security operations and is associated with the multimedia unit or with a receiver. Such a security module comprises, on the one hand, a conditional access module referred to as CAK (Conditional Access Kernel), and on the other hand, a processing module. The conditional access module is in charge of the management of priorities of the messages that will be processed by the processing module. This processing module carries out the verification and/or the authentication steps, and is also responsible for processing the messages transmitted to it and for resending the results of this processing. Such a processing module can be made particularly in four different forms. One of these forms is a microprocessor card, a chip card, or more generally an electronic module (in a form of a key, a badge, . . . ). Such a module is usually removable and connectable to the receiver. The form with electric contacts is the most commonly used, but does not exclude a connection without contacts, for instance of the ISO 14443 type.
A second well-known form is that of an integrated circuit box, usually located in a definitive and irremovable way in the receiver box. A variant consists of a circuit mounted on a base or a connector such as a SIM module connector.
In a third form, the processing module is integrated in an integrated circuit box further having another function, for instance in a descrambling module of the decoder or the microprocessor of the decoder.
In a fourth embodiment, the processing module is not made in material form, but its function is only implemented as a software.
As in all four cases, even though the security level differs, the function is identical, we will refer to as a processing module regardless of the way in which its function is implemented or the form of this module. In the four above described forms, the processing module has means for executing a program (CPU) stored in its memory. The collaboration between the conditional access module (CAK) and the processing module allows the security module to perform the security operations, to verify rights, to perform a decryption or to activate a decryption module, etc.
In a system of the Pay-TV type, the scrambled or encrypted content can be descrambled or decrypted by a control word. In order to improve the security of the system, the control word is generally changed within a relatively short interval, called cryptoperiod, for example of ten-seconds. Every 10 seconds, or for each cryptoperiod, each subscriber receives, in an ECM control message (Entitlement Control Message), the control word required for decrypting the enciphered contents in order to allow the viewing or the access to the transmitted data. During the time of one cryptoperiod, a same control message or control messages containing the same control words are sent at regular intervals, for instance every 50 ms. This repetition of messages allows a user that switches on a specific channel to access control words that are required for decrypting the content of the specific channel without having to wait until the end of the cryptoperiod.
The control word itself is encrypted by a transmission key and is transmitted in an encrypted form in the ECM control message. The encrypted content and the encrypted control word are received by a multimedia unit which, if the subscriber is up-to-date with its subscription, or more generally, if he has the corresponding access rights, has access to the usage key stored in a security module. The encrypted control word is decrypted by the security module by means of the transmission key. The security module transmits the control word to the decoder. The encrypted content is decrypted by the decoder by means of the control word.
The transmission key is regularly changed, for instance, every month. A management message (EMM Entitlement Management Message) is received every month by the decoder and transmitted to the security module. The management message contains the transmission key in an encrypted form. A key assigned to the security module allows the latter to decrypt the encrypted transmission key.
The security modules currently used for processing the control messages mainly have a limited processing capacity. In particular, the processing module can only process one message at a time, which involves a storage and a sequential processing of the messages when several messages are received by a multimedia unit in a short period of time. Recently, the manufacturers of decoders intended to the Pay-TV or to conditional access TV have introduced broadband tuners that are able to receive a significant number of content and message streams, for instance, 8, 16, 32 or even more. This can be a problem. Indeed, when too many messages are received simultaneously or during a relatively short period, the security module might not be able to process all the messages received. This results in the risk that part of the content cannot be decrypted and that the user is presented with a blank screen. This might be the case, in particular, when the management of the processing order of the messages is not well done.
Presently, this problem is solved by assigning a priority to the messages, this priority being defined according to the real or possible use of the messages by a user. As an example, the message stream, corresponding to a content that is being viewed by a user, receives the highest priority, in order to avoid that a control message cannot be decrypted and that the user is presented with a blank screen.
The stream corresponding to a content being recorded also has a high priority level, otherwise, there is a risk that a part of the recording may not be performed.
The predictive stream or streams have a lower priority. These predictive streams correspond to the channels for which the probability that the user will view this channel is the highest. These channels may be the channels having a channel number immediately adjacent to the channel that is being viewed. They can also be defined according to the user's profile.
Usually, when the security module must process at the same time, a stream corresponding to the content displayed, a stream for a content that is currently recorded and predictive streams, the security module is strongly requested and the management of other streams can be a problem. In cases in which a patchwork is displayed for a user, with the current systems, the content forming this patchwork results from a specific channel. Indeed, in the current systems, it is not possible for instance, to decrypt enough messages for displaying a patchwork on the basis of the real content. For this reason, it is indispensable to use a specific channel. The priority for this kind of channels can be relatively low, and this may cause problems such as the impossibility to display the mosaic. Moreover, it is not possible to offer a customized patchwork to the users.
In the prior art systems, priorities are fixed. Thus, in certain situations, the user can find himself facing a blank screen. This could be the case, in particular, when the user frequently switches and when the security module cannot process all the control messages received.
This present invention aims to solve the drawbacks of the prior art by implementing a method for processing control messages, which allows to manage these messages in a more flexible and more effective way. These drawbacks are also solved by a security module used for the implementation of this method for processing messages.